Strategies for Securing Retail Payment Data

Verizon recently released its annual Payment Security Report. And for retailers, the report highlighted significant areas for improvement in encrypting data, securing transmitted data, and authentication.

This should serve as an industry-wide wake-up call, for the impacts of data breaches cannot be underestimated.

The average consolidated cost of a breach is $4 million, and this will undoubtedly increase for European retailers when GDPR comes into force, where fines can total up to €20 million or 4% of total annual turnover (Source: SecurityIntelligence).

The long-term reputational impact must also be considered. Consumers rank data breaches as one of the most damaging factors to a brand, on the same level with environmental disasters (Source: Dark Reading). Consequently, 19% of consumers avoid retailers who have been hit by a major breach (Source: Innovative Retail Technologies).

The good news is that retailers are being proactive and looking to take control of their payments activity. Ovum report that of the 80% of retailers entering payments, 40% cited security considerations as the main driver (Source: Ovum).

Securing retail payments with digital wallets

As retailers look to bring payments in-house, there are various approaches to consider. Deploying a digital wallet, however, may not be an immediately apparent option.

This is perhaps because the value of mobile wallets may be seen in the ability to provide a seamless and enhanced buying experience to consumers. But digital retail wallets are also a highly-effective means of improving payments security and mitigating risk.

Protecting data with payment tokenization

Tokenization technology is a key component to a truly secure digital retail wallet.

Payment tokenization replaces a customer’s primary account number (PAN) with a unique payment token that is restricted in its usage, for example, to a specific device, merchant, transaction type or channel.

Adapting to omnichannel retail

For many retailers, however, the distinction between in-store and eCommerce / mCommerce has become blurred. For example, a consumer may choose to shop in store, but checkout through an in-app payment within their mobile wallet.

This is undoubtedly good news for retailers, as it will further enhance mobile wallet security by bringing the fraud prevention capabilities of dynamic tokens to increasingly popular checkout options, such as in-app and online payments, and recurring one-click-ordering.

Securing payments beyond tokenization

In addition to tokenization, various other technologies and protocols can be incorporated into digital retail wallets to provide additional security protections.

Biometric authentication, for example, provides an extra, visible layer of security, and can be deployed in parallel with other authentication protocols such as passcodes.

Adopting a layered approach

It is clear that digital wallets that leverage tokenization are an effective means of ensuring secure retail payments, enabling retailers to adopt a modular, layered approach that is tailored to their own requirements and, importantly, strikes the right balance between security and convenience.

“Business Process Management” is the term that has been adopted to identify the discipline of operations management. It uses specific methods to discover, model, analyze, improve and automate business processes…

Subscribe to our Newsletter

Upcoming Events

Advantage Retail: How IoCT and AI Is Expanding the Definition of Retail